Tealium iQ Consent Manager Helps You Meet GDPR Compliance Challenge

Is your company ready for GDPR? Like many organizations who in some way touch data related to customers and users of your digital properties, you now have a specific regulatory obligation to use this data responsibly, while continuing to provide user-focused experiences and of course supporting your own marketing and tracking efforts.

According to GDPR definitions, if you have a website, you are considered the data controller, i.e., the owner of the data who makes all the decisions regarding the purposes and means of collecting personal data of your visitors, or data subjects.

In this article, we will outline how Tealium iQ’s new Consent Manager tool can help you comply with GDPR while maintaining a robust tagging infrastructure. We will also review Tealium iQ Privacy Manager, which can also help you maintain responsible use of customer data and align with the overall thrust of GDPR.

Consent Manager

Tealium acts a data processor on the following products: UDH (Universal Data Hub) EventStream, AudienceStream, and DataAccess. As a data processor, Tealium has the responsibility to provide you (the data controller) with the means to fulfill data subject’s access to their own data and, in general, to implement responsible data collection practices.

One of the approaches to fuel data into UDH Universal Data Hub is to use the Tealium iQ. Through implementing a tag called Tealium Collect. This tag automates the data collection to be processed and used by AudienceStream, EventStream, and DataAccess for segmentation and real-time actions.

According to GDPR, the data controller determines the purposes and means of collecting personal data and is the owner of the data. The data controller must be able to demonstrated that the data subject has given consent to the collection and processing of their personal data.

Consent Manager in Tealium iQ

Therefore Tealium iQ new Consent Manager will help users comply with these requirements.

Consent Management uses the following two components to help you manage consent:

Consent Request Manager
You can configure the prompt that is presented on your website to request consent from visitors. Visitors can grant consent or withdraw consent via the prompt.

Consent Manager allows you to configure a specific consent prompt.

Consent Preferences Manager
This component allows you to configure the categories of tracking offered to visitors that give consent.

Users who give consent can specify the types on tags that can use their personal data.

Lookup and Deletion of Personal Data

As an additional tool for GDPR compliance for data controllers, Tealium released the new Visitor API in AudienceStream, which can be used to lookup individual visitor records and delete them if needed. The new Visitor API offers the following features:

Lookup/View Visitor Data

Delete Visitor Data

View Visitor ID Attributes

Check Delete Status

For full details on Tealium iQ Consent Manager, view this preview:

Questions about how you can use Tealium iQ and the Universal Data Hub for user-focused experiences and tracking while maintaining your compliance with GDPR and honoring customer privacy? Contact E-Nor today.

2 Comments

Display Rule
On the Display Rule screen you will select the load rule to determine when to load the consent prompt (and display it to customers). You can select an existing load rule or create one to satisfy that criteria. If you are unsure, a guide is offered to generate a load rule for you.

GDPR Load Rule Creation Guide
The GDPR load rule creation guide is a series of questions about your website, domain, and data layer that generates the best load rule for the consent prompt. The questions are designed to determine the easiest way to identify your EU visitors using the data available in the data layer. The guide has pre-built the list of EU country names and will generate the conditions needed to detect them all in one load rule.

Identifying EU data subjects can be accomplished the following ways:

Domain, Subdomain, or Pathname
If your iQ profile is loaded on a website that is dedicated to EU citizens or your business only operates within the EU, then the domain, subdomain, or pathname of the URL will likely contain a country code that can be used in a load rule.
Examples: de.example.com, http://www.example.de, http://www.example.com/de
Data Layer Country Variable
If your iQ profile is loaded on a website that allows visitors to choose their country or language, then this information can be represented in the data layer and used to create a load rule.
Examples: utag_data.country_code = “de”
If you skip the load rule creation guide, you can create your own load rule or, if your iQ profile is loaded on a site entirely dedicated to serving EU citizens, you can use the default load rule, “All Pages”.